CVE-2024-56318

Sažetak

In raw\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec, there is a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial of service.

Reference

https://github.com/project-chip/connectedhomeip/commit/27ca6ec255b78168e04bd71e0f1a473869cf144b
https://github.com/project-chip/connectedhomeip/issues/36750
https://github.com/project-chip/connectedhomeip/pull/36751

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

19-12-2024 - 00:15

Objavljeno

18-12-2024 - 23:15